Ecco il responso di Autostart di Gmer:
GMER 1.0.12.12086 -
http://www.gmer.net
Autostart scan 2007-03-14 18:01:39
Windows 5.0.2195 Service Pack 3
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon >>>
@Userinitc:\winnt\system32\userinit.exe, = c:\winnt\system32\userinit.exe,
@GinaDLLPCIgina.dll = PCIgina.dll
HKLM\SYSTEM\CurrentControlSet\Services\ >>>
aswUpdSv /*avast! iAVS4 Control Service*/@ = "C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe"
avast! Antivirus /*avast! Antivirus*/@ = "C:\Programmi\Alwil Software\Avast4\ashServ.exe"
Client32 /*Client32*/@ = C:\PROGRA~1\NETSUP~1\client32.exe /* *
ewido anti-spyware 4.0 guard /*ewido anti-spyware 4.0 guard*/@ = C:\Programmi\ewido anti-spyware 4.0\guard.exe
FWp /*FWp*/@ = "C:\Programmi\File comuni\Services\sCF.exe" /*file not found*/
HidServ /*HID Input Service*/@ = %SystemRoot%\system32\hidserv.exe
LogSba /*LogSba*/@ = "C:\Programmi\File comuni\System\vJG.exe" /*file not found*/
Schedule /*Utilità di pianificazione*/@ = %SystemRoot%\system32\MSTask.exe
Spooler /*Spooler di stampa*/@ = %SystemRoot%\system32\spoolsv.exe
StiSvc /*Still Image Service*/@ = %systemroot%\system32\stisvc.exe
viritsvclite /*Virit eXplorer Lite*/@ = C:\VEXPLITE\viritsvc.exe
WinJwm /*WinJwm*/@ = "C:\Programmi\File comuni\Services\iEj.exe" /*file not found*/
WinMgmt /*Strumentazione gestione Windows*/@ = %SystemRoot%\System32\WBEM\WinMgmt.exe
WMDM PMSP Service /*WMDM PMSP Service*/@ = C:\WINNT\system32\mspmspsv.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@Synchronization Managermobsync.exe /logon = mobsync.exe /logon
@CmaudioRunDll32 cmicnfg.cpl,CMICtrlWnd = RunDll32 cmicnfg.cpl,CMICtrlWnd
@RaidToolC:\Programmi\VIA\RAID\raid_tool.exe T o = C:\Programmi\VIA\RAID\raid_tool.exe T o
@VTTimerVTTimer.exe = VTTimer.exe
@VTTraypVTtrayp.exe = VTtrayp.exe
@HPDJ Taskbar UtilityC:\WINNT\System32\spool\drivers\w32x86\3\hpztsb06.exe = C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb06.exe
@WinFaxAppPortStarterwfxsnt40.exe = wfxsnt40.exe
@zBrowser LauncherC:\PROGRA~1\Logitech\iTouch\iTouch.exe = C:\PROGRA~1\Logitech\iTouch\iTouch.exe
@Microsoft Works Update DetectionC:\Programmi\File comuni\Microsoft Shared\Works Shared\WkUFind.exe = C:\Programmi\File comuni\Microsoft Shared\Works Shared\WkUFind.exe
@VolControlC:\WINNT\volumec.exe -i /*file not found*/ = C:\WINNT\volumec.exe -i /*file not found*/
@TkBellExe"C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot = "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
@qpml1.exeC:\WINNT\TEMP\qpml1.exe /*file not found*/ = C:\WINNT\TEMP\qpml1.exe /*file not found*/
@avast!C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
@NeroCheckC:\WINNT\system32\\NeroCheck.exe = C:\WINNT\system32\\NeroCheck.exe
@NeroFilterCheckC:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe = C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
@AntiSpywareBotC:\Programmi\SpywareBot\SpywareBot.exe -boot /*file not found*/ = C:\Programmi\SpywareBot\SpywareBot.exe -boot /*file not found*/
@UnlockerAssistant"C:\Programmi\Unlocker\UnlockerAssistant.exe" = "C:\Programmi\Unlocker\UnlockerAssistant.exe"
@VIRIT LITE MONITORC:\VEXPLITE\MONLITE.EXE = C:\VEXPLITE\MONLITE.EXE
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run@1 = C:\WINNT\service32.exe /*file not found*/
HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>>
@internat.exeinternat.exe = internat.exe
@ATnotes.exeC:\Programmi\ATnotes\ATnotes.exe = C:\Programmi\ATnotes\ATnotes.exe
@AMP CalendarC:\Programmi\AMP Calendar\Calendar.exe -quiet /*file not found*/ = C:\Programmi\AMP Calendar\Calendar.exe -quiet /*file not found*/
@Skype"C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized = "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
@VoipStunt"C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized /*file not found*/ = "C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized /*file not found*/
@UnHackMe MonitorC:\Programmi\UnHackMe\hackmon.exe = C:\Programmi\UnHackMe\hackmon.exe
@BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" = "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
@updateMgr"C:\Programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 = "C:\Programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad@Magacsrv = C:\WINNT\system32\iesesql.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks >>>
@{A213B520-C6C2-11d0-AF9D-008029E1027E}C:\Programmi\Symantec\WinFax\WfxSeh32.Dll = C:\Programmi\Symantec\WinFax\WfxSeh32.Dll
@{57B86673-276A-48B2-BAE7-C6DBB3020EB8}C:\Programmi\ewido anti-spyware 4.0\shellexecutehook.dll = C:\Programmi\ewido anti-spyware 4.0\shellexecutehook.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{41E300E0-78B6-11ce-849B-444553540000} /*Estensione CPL PlusPack*/plustab.dll = plustab.dll
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Estensione panoramica video del Pannello di controllo*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{5F327514-6C5E-4d60-8F16-D07FA08A78ED} /*Estensione finestra proprietà di aggiornamento automatico*/C:\WINNT\System32\wuaueng.dll = C:\WINNT\System32\wuaueng.dll
@{8BEBB290-52D0-11D0-B7F4-00C04FD706EC} /*Anteprima*/C:\WINNT\System32\thumbvw.dll = C:\WINNT\System32\thumbvw.dll
@{EAB841A0-9550-11CF-8C16-00805F1408F3} /*Programma di estrazione pagine HTML in anteprima*/C:\WINNT\System32\thumbvw.dll = C:\WINNT\System32\thumbvw.dll
@{1AEB1360-5AFC-11D0-B806-00C04FD706EC} /*Programma di estrazione filtri grafici di Office in anteprima*/C:\WINNT\System32\thumbvw.dll = C:\WINNT\System32\thumbvw.dll
@{9DBD2C50-62AD-11D0-B806-00C04FD706EC} /*Summary Info Thumbnail handler (DOCFILES)*/C:\WINNT\System32\thumbvw.dll = C:\WINNT\System32\thumbvw.dll
@{500202A0-731E-11D0-B829-00C04FD706EC} /*LNK file thumbnail interface delegator*/C:\WINNT\System32\thumbvw.dll = C:\WINNT\System32\thumbvw.dll
@{fe1290f0-cfbd-11cf-a330-00aa00c16e65} /*Directory Namespace*/dsfolder.dll = dsfolder.dll
@{9E51E0D0-6E0F-11d2-9601-00C04FA31A86} /*Shell properties for a DS object*/dsfolder.dll = dsfolder.dll
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Outlook Custom Icon Handler*/C:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL
@{E0D79304-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79305-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79306-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79307-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{99a0e993-016c-4145-a8ef-3782ef76937a} /*NetSupport Shell Extension*/C:\PROGRA~1\NETSUP~1\PCIShellExt.dll = C:\PROGRA~1\NETSUP~1\PCIShellExt.dll
@{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} /*Shell Extensions for RealOne Player*/C:\Programmi\Real\RealPlayer\rpshell.dll = C:\Programmi\Real\RealPlayer\rpshell.dll
@{472083B0-C522-11CF-8763-00608CC02F24} /*avast*/C:\Programmi\Alwil Software\Avast4\ashShell.dll = C:\Programmi\Alwil Software\Avast4\ashShell.dll
@{B327765E-D724-4347-8B16-78AE18552FC3} /*NeroDigitalIconHandler*/C:\Programmi\File comuni\Ahead\Lib\NeroDigitalExt.dll = C:\Programmi\File comuni\Ahead\Lib\NeroDigitalExt.dll
@{7F1CF152-04F8-453A-B34C-E609530A9DC8} /*NeroDigitalPropSheetHandler*/C:\Programmi\File comuni\Ahead\Lib\NeroDigitalExt.dll = C:\Programmi\File comuni\Ahead\Lib\NeroDigitalExt.dll
@{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} /*UnlockerShellExtension*/C:\Programmi\Unlocker\UnlockerCOM.dll = C:\Programmi\Unlocker\UnlockerCOM.dll
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved@{BDEADF00-C265-11d0-BCED-00A0C90AB50F} /*Cartelle Web*/ = C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Programmi\Alwil Software\Avast4\ashShell.dll
ewido anti-spyware@{8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Programmi\ewido anti-spyware 4.0\context.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKLM\Software\Classes\*\shellex\ContextMenuHandlers@{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} = C:\Programmi\Nero\Nero 7\Nero BackItUp\NBShell.dll
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
ewido anti-spyware@{8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Programmi\ewido anti-spyware 4.0\context.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Programmi\Alwil Software\Avast4\ashShell.dll
UnlockerShellExtension@{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} = C:\Programmi\Unlocker\UnlockerCOM.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers@{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} = C:\Programmi\Nero\Nero 7\Nero BackItUp\NBShell.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll = C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
@{22BF413B-C6D2-4d91-82A9-A0F997BA588C}C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL = C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
@{3C657AAF-22D9-5A16-E17D-31457D631863}C:\WINNT\system\tlctw32.dll /*file not found*/ = C:\WINNT\system\tlctw32.dll /*file not found*/
@{79A10F92-E718-83FF-6126-579BF5AEA0F2}C:\WINNT\qkqjt1.dll /*file not found*/ = C:\WINNT\qkqjt1.dll /*file not found*/
HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome =
http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
@Start
Pagehttp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home =
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
@Local PageC:\windows\system32\blank.htm = C:\windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start
Pagehttp://www.forospyware.com/ =
http://www.forospyware.com/
@Local PageC:\windows\system32\blank.htm = C:\windows\system32\blank.htm
HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
its@CLSID = C:\WINNT\System32\itss.dll
mhtml@CLSID = %SystemRoot%\System32\inetcomm.dll
ms-its@CLSID = C:\WINNT\System32\itss.dll
ms-itss@CLSID = C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\msitss.dll
skype4com@CLSID = C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
vnd.ms.radio@CLSID = C:\WINNT\system32\msdxm.ocx
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D1B0C917-B212-4938-BAB6-CDEDD7581A42} /*Connessione alla rete locale (LAN)*/ >>>
@IPAddress192.168.2.37 = 192.168.2.37
@NameServer213.140.2.43,213.140.2.49,212.216.112.222,212.216.172.162 = 213.140.2.43,213.140.2.49,212.216.112.222,212.216.172.162
@DefaultGateway192.168.2.1 = 192.168.2.1
@Domain =
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001@LibraryPath = %SystemRoot%\System32\rnr20.dll
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\ >>>
000000000001@PackedCatalogItem = %SystemRoot%\system32\msafd.dll
000000000002@PackedCatalogItem = %SystemRoot%\system32\msafd.dll
000000000003@PackedCatalogItem = %SystemRoot%\system32\msafd.dll
000000000004@PackedCatalogItem = %SystemRoot%\system32\msafd.dll
000000000007@PackedCatalogItem = %SystemRoot%\system32\msafd.dll
000000000008@PackedCatalogItem = %SystemRoot%\system32\msafd.dll
000000000009@PackedCatalogItem = %SystemRoot%\system32\msafd.dll
000000000010@PackedCatalogItem = %SystemRoot%\system32\msafd.dll
000000000011@PackedCatalogItem = %SystemRoot%\system32\msafd.dll
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012@PackedCatalogItem = %SystemRoot%\system32\msafd.dll
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica >>>
AdwareFilter Background Protection.lnk = AdwareFilter Background Protection.lnk
Avvio veloce di Adobe Reader.lnk = Avvio veloce di Adobe Reader.lnk
Controller.LNK = Controller.LNK
InterVideo WinCinema Manager.lnk = InterVideo WinCinema Manager.lnk
Microsoft Office.lnk = Microsoft Office.lnk
PTP Manager.lnk = PTP Manager.lnk
---- EOF - GMER 1.0.12 ----
...e adesso che si fa????